Fri 10/12/2012 12:04 PM
Greetings Dr. Brian T. Woods, John Jay High School and Anson Jones Middle School in San Antonio, Texas
The story about your schools are hitting the news for infringing on privacy of students. What has gotten into that Ph.D. head of yours to think that chipping students provide any benefit? The below excerpt from http://rt.com/usa/news/texas-school-id-hernandez-033/ seems to me that the bully on the playground are the administrators. If she does not wear the card, you are going to take your “ball” and leave the game. Stating she cannot have voting rights because of this and you are ruining the one era of a child’s life before they hit the real world.
After Hernandez refused to wear an RFID chip, WND reported that Deputy Superintendent Ray Galindo issued a statement to the girl’s parents: “We are simply asking your daughter to wear an ID badge as every other student and adult on the Jay campus is asked to do.” If she is allowed to forego the tracking now, the repercussions will be harsher than just revoking voting rights for homecoming contests once the school makes location-monitoring mandatory, he argued.
I am curious to see just what your agenda is with your training and education. Are you there to advance the educational opportunities of the students or are you there to make a test bed for bringing in big brother as your political science major might indicate. What did schools do in the early years? The technology you are using to curb attendance is to help you get some “money” from a state that probably should not spend money. Remember nothing is free and someone is paying. The tax payers in your state and the tax payers of the nation might be for any grants or budgets given at the federal level. Are you a left winged socialist who wants everyone to pay and advance your school’s agenda? Even in my town the social left want to take from the State of CT as much as possible without letting the light go on in their heads that…we all eventually pay the bill.
More frightening is the information below.
“Using this information along with an RFID reader means a predator could use this information to determine if the student is at home and then track them wherever they go. These chips are always broadcasting so anyone with a reader can track them anywhere,” she said.
I am a certified ethical hacker and computer hacking forensic investigator. The technology you employ is most vulnerable to hijacking and data leakage. If you are looking for a career ending move, you just set yourself up to be an example. With the story going viral and the insecurity of the technology by those wishing to do harm, will come and prey upon the children as unemployment and idle time rises. In an investigation of the deep web and TOR sites the majority of the listings to be against the basic moral code. The pedophiles that are out there with their sites are at an alarming rate. Read the article my colleague posted “What is the deep web. A trip into the Abyss“.
What I am saying is do not do this. You are approaching this the wrong way. Notably, you did not receive any technological advice before proceeding. My alma mater, NFA, Norwich Free Academy in Norwich CT. has other rules in place to curb attendance without an RFID card. My graduating year was the last year of tolerance of missed days before they enacted this. I have a mind like a steel trap and remember too much, but it has its advantages. NFA has it where if the student misses too many days they don’t graduate. Pretty simple.
Here are the vulnerabilities to RFID in brief:
• Vulnerabilities include
o RFID viruses
o SQL injection attacks, injecting more info than expected
o Privacy disclosure
o maybe used to identify nationality of person on train
o Vendor information can be retrieved
o Inventory may be monitored, part of footprinting process by cracker
1. RFID Worms -abuse network connections and spread via attacking online service tags. RFID worms get code from bad servers and then use them to execute from malware middle ware servers.
2. RFID Viruses -self replicate and infect new RFID tags independently, without the need of network connection. They do not have a payload so they do not interrupt backend servers or. If the tags pass information on to reader and then on to control management systems then they can infect other readers and control management systems.
3. RFID Exploits – are harmful RFID tag data that attack part of the RFID open to attackers. When the reader reads the tag it expects readable data format, instead it gets junk and it corrupts the system.
1. List various applications of RFID. They are used to track items like clothing for theft, parts or machines use and maintenance, tracking animals like invisible fences.
Nowhere in the above does it say to use it to track people. Maybe you should do the same.
Network Security Engineer
Netwerk Guardian LLC
CCNA Security #11488924
Certified Ethical Hacker v6
Computer Hacking Forensics Investigator v4
V (860) 556-3001
F (855) 864-5500
**************************** UPDATE ****************************
Article just released from WIRED shows how sick minded school systems and Professionals can be. They are asking that the parent of the daughter now expelled to stop publicly trashing the school for its Big Brother approach to curb attendance and endorse it. The student is suggested to attned in order to go to a magnet school with the chip removed from the card.
The district, in a letter last week to the family, said it would allow her to continue attending the magnet school with “the battery and chip removed.” But the girl’s father, Steve Hernandez, said the district told him that the offer came on the condition that he must “agree to stop criticizing the program and publicly support it,” a proposition the father told WND Education that he could not stomach.
****************** Update 2-Dec-2012 ****************************
Here we have action against the school from the hacker group Anonymous. The actions taken are illegal and the end does not justify the means. Folks, no matter how we feel or what side or position we take, cracking into/against a site is not the answer. We must solicit and petition those in power over us to make an appeal and amend the action that we believe is against the cause.
It appears that a hacker going by the name tr1xxyanon has taken down the www.nisd.net site. You can read the story here by Mireya Villarreal. This is in response the above mentioned invasion of privacy of children. High school is the last frontier before death and taxes folks. Why infringe upon the children when they have the rest of their lives to be like us tax paying citizens. As you can see I don’t agree with NISD decision to chip I don’t condone illegal activities.